techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity
9ebad9bec2
authelia/docs/features/2fa/one-time-password.md
Amir Zarrinkafsh 683c4a70bf
fix(web): improve 2fa enrollment process (#1706) 
* refactor(web): improve 2fa enrollment process

This PR will change some of the wording and colours for the 2FA processes in order to provide more clarity and address some accessibility issues for end users.

The following is a summary of the changes:

* One-Time Password ⭢ Time-based One-Time Password
* Security Key ⭢ Security Key - U2F

![Screenshot_2021-02-02-09-36-17](https://user-images.githubusercontent.com/3339418/107138185-17656100-6967-11eb-8fac-9e75c7a82d09.png)


* QRCode ⭢ QR Code

![Screenshot_2021-02-07-05-07-25](https://user-images.githubusercontent.com/3339418/107138196-29df9a80-6967-11eb-811f-d77c9bb0159e.png)

* `Not registered yet?` text to display `Lost device?` if a user has already registered a device of said type

![Screenshot_2021-02-02-10-24-54](https://user-images.githubusercontent.com/3339418/107138205-395ee380-6967-11eb-8826-83e1438dd146.png)

* Change button and text colour in e-mails that Authelia generates
* Change Authelia email footer to be more security conscious

![Screenshot_2021-02-07-04-51-40](https://user-images.githubusercontent.com/3339418/107138211-4085f180-6967-11eb-890b-9d931bd1ce76.png)

The docs have also been updated to clarify the 2fa device enrollment limitation which only allows users to register one of each device type concurrently.

Closes #1560.
2021-02-12 16:59:42 +11:00

42 lines
1.4 KiB
Markdown
Raw Blame History

---
layout: default
title: Time-based One-Time Password
nav_order: 1
parent: Second Factor
grand_parent: Features
---
# Time-based One-Time Password
**Authelia** supports Time-base one-time password generated by apps like [Google Authenticator].
<p align="center">
<img src="../../images/2FA-TOTP.png" width="300">
<img src="../../images/google-authenticator.png" width="150" class="no-border" style="margin-left: 50px">
</p>
After having successfully completed the first factor, select **One-Time Password method**
option and click on **Not registered yet?** link. This will e-mail you to confirm your identity.
*NOTE: If you're testing **Authelia**, this e-mail has likely been sent to the mailbox available at https://mail.example.com:8080/*
Once this validation step is completed, a QR Code gets displayed.
<p align="center">
<img src="../../images/REGISTER-TOTP.png" width="400">
</p>
You can then use [Google Authenticator] to scan the code in order to register your device.
From now on, you get tokens generated every 30 seconds that
you can use to validate the second factor in **Authelia**.
## Limitations
Users currently can only enroll a single TOTP device in **Authelia**.
Multiple single type device enrollment will be available when [this issue](https://github.com/authelia/authelia/issues/275) has been resolved.
[Google Authenticator]: https://google-authenticator.com/
Reference in New Issue View Git Blame Copy Permalink